On 04/01/12 14:36, Phillip Susi wrote:
> Why bother encrypting / instead of just /home? We already have /home
> encryption, which seems to meet the needs of most people.
Well if you're going to the effort of encrypting data on-disk, it also
makes sense to cover at least /var and /tmp as well as swap space, all
of which potentially contain user passwords, encryption keys, temporary
files and so on.
/etc also tends to contain potentially sensitive data and I'm not sure
if/how one could have that as a separate partition and still have a
bootable system - though I look forward to being educated. :)
By the time you've gone that far, and convinced yourself that nothing
sensitive is going to end up elsewhere on your filesystem, I guess you
may as well go the whole hog. Any performance hit is probably
outweighed by the privacy gains.
JT
--
James Tait, BSc. | https://launchpad.net/~jamestait/
Software Engineer, Canonical Online Services, Web and Mobile Team
Ubuntu - Linux for human beings | www.ubuntu.com